<?php
include("connect.php");  // password, connect to database ...

if ($_POST[password]=$passwort) { 
 extract($_REQUEST);

 header('Content-Type:  audio/mpeg');
 header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
 header("Content-Disposition: attachment; filename=$_REQUEST[track].mp3");
 header('Pragma: no-cache');

 for($idx=0;$idx<$_REQUEST[count];$idx++)
    readfile("scores/$_REQUEST[track].$idx");
}
else {
 echo "unerlaubter Zugriff!";
 // echo "<br>Passwort: $_POST[password]<br>\n";
}
?>